This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 98%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
NAP is a client health policy creation, enforcement, and remediation technology. With NAP, system administrators can establish and automatically enforce health policies, which can include software requirements, security update requirements, and other settings. Client computers that are not in compliance with health policy can be provided restricted network access until their configuration is updated and brought into compliance with policy. this solution has been restricted to windows prior to windows prior to windows 10 and windows servers 2016 and does not support windows 10,11 by the way, I had not gotten any clear solution that replaced it. I have searched it but did not get accept Intune cloud solution which I thought to be direct management of windows endpoints through agent which require may be internet connection on each windows endpoint, however if I am not clear about it, please make understand it.
thanks all.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
The Zero Trust principles deemphasize the edge-based solutions in lieu of endpoint protection (along with Identity-based solutions). That's where the entire family of Defender products come into play.
More at https://learn.microsoft.com/en-us/defender/
On the Identity side, you have a Microsoft Entra for hybrid/cloud environment. If you operate primarily on-premises, consider Defender for Identity (along with Defender for Endpoint)
hth
Marcin
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 9%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Network Access Protection (NAP) was a technology that allowed system administrators to create, enforce, and remediate health policies for client computers. Non-compliant client computers were restricted from network access until they met the health policy requirements. However, NAP was limited to Windows versions prior to Windows 10 and Windows Server 2016. NAP was deprecated in Windows Server 2012 R2 and is no longer supported in Windows Server 2016. It lacked compatibility with Windows 10 and Windows 11.
Unlike NAP, Intune is not tied to on-premises infrastructure. Intune is a 100% cloud-based unified endpoint management platform and it allows organization to manage and secure devices remotely, including windows endpoints from anywhere :-)
Moreover, Intune also has some key features such as Azure AD integration, Automatic enrollment and configuration and security policies. Intune does provide benefits such as users can work from anywhere with an internet connection, easy device reset and restoration, simplified deployment etc.
Intune is a powerful solution, but it requires an internet connection for management. It’s suitable for both organization-owned and BYOD (Bring Your Own Device) scenarios. So, in your case Microsoft Intune is a may work as a replacement for NAP as it provides cloud-native management for Windows endpoints, allowing organizations to manage devices securely from anywhere.
Feel free to post if you have any further questions. If this answer helped, please accept the answer :-)
Thanks for answering my question, but what I am asking is if you clearly point me to the solution that did extend Microsoft NAP solution to windows 10 and 11 or if there is new NAP solution
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 57.00000000000001%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEM%3C/text%3E%3C/svg%3E)
If you're looking for a third-party solution, ClearPass OnGuard or Cisco ISE is the way to go. If you're looking for an open-source solution, then Packet Fence is the way.